def test_dmcrypt_with_custom_size(self, conf_ceph_stub): conf_ceph_stub(''' [global] fsid=asdf [osd] osd_dmcrypt_size=8 ''') result = encryption.create_dmcrypt_key() assert len(result) == 172
def test_dmcrypt_with_custom_size(self, conf_ceph_stub): conf_ceph_stub(''' [global] fsid=asdf [osd] osd_dmcrypt_size=8 ''') result = encryption.create_dmcrypt_key() assert len(result) == 172
def prepare(self, args): # FIXME we don't allow re-using a keyring, we always generate one for the # OSD, this needs to be fixed. This could either be a file (!) or a string # (!!) or some flags that we would need to compound into a dict so that we # can convert to JSON (!!!) secrets = {'cephx_secret': prepare_utils.create_key()} cephx_lockbox_secret = '' encrypted = 1 if args.dmcrypt else 0 cephx_lockbox_secret = '' if not encrypted else prepare_utils.create_key( ) if encrypted: secrets['dmcrypt_key'] = encryption_utils.create_dmcrypt_key() secrets['cephx_lockbox_secret'] = cephx_lockbox_secret cluster_fsid = conf.ceph.get('global', 'fsid') osd_fsid = args.osd_fsid or system.generate_uuid() crush_device_class = args.crush_device_class if crush_device_class: secrets['crush_device_class'] = crush_device_class # reuse a given ID if it exists, otherwise create a new ID self.osd_id = prepare_utils.create_id(osd_fsid, json.dumps(secrets), osd_id=args.osd_id) tags = { 'ceph.osd_fsid': osd_fsid, 'ceph.osd_id': self.osd_id, 'ceph.cluster_fsid': cluster_fsid, 'ceph.cluster_name': conf.cluster, 'ceph.crush_device_class': crush_device_class, } if args.filestore: if not args.journal: raise RuntimeError( '--journal is required when using --filestore') data_lv = self.get_lv(args.data) if not data_lv: data_lv = self.prepare_device(args.data, 'data', cluster_fsid, osd_fsid) tags['ceph.data_device'] = data_lv.lv_path tags['ceph.data_uuid'] = data_lv.lv_uuid tags['ceph.cephx_lockbox_secret'] = cephx_lockbox_secret tags['ceph.encrypted'] = encrypted tags['ceph.vdo'] = api.is_vdo(data_lv.lv_path) journal_device, journal_uuid, tags = self.setup_device( 'journal', args.journal, tags) tags['ceph.type'] = 'data' data_lv.set_tags(tags) prepare_filestore( data_lv.lv_path, journal_device, secrets, tags, self.osd_id, osd_fsid, ) elif args.bluestore: block_lv = self.get_lv(args.data) if not block_lv: block_lv = self.prepare_device(args.data, 'block', cluster_fsid, osd_fsid) tags['ceph.block_device'] = block_lv.lv_path tags['ceph.block_uuid'] = block_lv.lv_uuid tags['ceph.cephx_lockbox_secret'] = cephx_lockbox_secret tags['ceph.encrypted'] = encrypted tags['ceph.vdo'] = api.is_vdo(block_lv.lv_path) wal_device, wal_uuid, tags = self.setup_device( 'wal', args.block_wal, tags) db_device, db_uuid, tags = self.setup_device( 'db', args.block_db, tags) tags['ceph.type'] = 'block' block_lv.set_tags(tags) prepare_bluestore( block_lv.lv_path, wal_device, db_device, secrets, tags, self.osd_id, osd_fsid, )
def prepare(self): # FIXME we don't allow re-using a keyring, we always generate one for the # OSD, this needs to be fixed. This could either be a file (!) or a string # (!!) or some flags that we would need to compound into a dict so that we # can convert to JSON (!!!) secrets = {'cephx_secret': prepare_utils.create_key()} cephx_lockbox_secret = '' encrypted = 1 if self.args.dmcrypt else 0 cephx_lockbox_secret = '' if not encrypted else prepare_utils.create_key( ) if encrypted: secrets['dmcrypt_key'] = encryption_utils.create_dmcrypt_key() secrets['cephx_lockbox_secret'] = cephx_lockbox_secret cluster_fsid = self.get_cluster_fsid() osd_fsid = self.args.osd_fsid or system.generate_uuid() crush_device_class = self.args.crush_device_class if crush_device_class: secrets['crush_device_class'] = crush_device_class # reuse a given ID if it exists, otherwise create a new ID self.osd_id = prepare_utils.create_id(osd_fsid, json.dumps(secrets), osd_id=self.args.osd_id) tags = { 'ceph.osd_fsid': osd_fsid, 'ceph.osd_id': self.osd_id, 'ceph.cluster_fsid': cluster_fsid, 'ceph.cluster_name': conf.cluster, 'ceph.crush_device_class': crush_device_class, 'ceph.osdspec_affinity': prepare_utils.get_osdspec_affinity() } if self.args.filestore: if not self.args.journal: logger.info(('no journal was specifed, creating journal lv ' 'on {}').format(self.args.data)) self.args.journal = self.args.data self.args.journal_size = disk.Size(g=5) # need to adjust data size/slots for colocated journal if self.args.data_size: self.args.data_size -= self.args.journal_size if self.args.data_slots == 1: self.args.data_slots = 0 else: raise RuntimeError('Can\'t handle multiple filestore OSDs ' 'with colocated journals yet. Please ' 'create journal LVs manually') tags['ceph.cephx_lockbox_secret'] = cephx_lockbox_secret tags['ceph.encrypted'] = encrypted journal_device, journal_uuid, tags = self.setup_device( 'journal', self.args.journal, tags, self.args.journal_size, self.args.journal_slots) try: vg_name, lv_name = self.args.data.split('/') data_lv = api.get_single_lv(filters={ 'lv_name': lv_name, 'vg_name': vg_name }) except ValueError: data_lv = None if not data_lv: data_lv = self.prepare_data_device('data', osd_fsid) tags['ceph.data_device'] = data_lv.lv_path tags['ceph.data_uuid'] = data_lv.lv_uuid tags['ceph.vdo'] = api.is_vdo(data_lv.lv_path) tags['ceph.type'] = 'data' data_lv.set_tags(tags) if not journal_device.startswith('/'): # we got a journal lv, set rest of the tags api.get_single_lv(filters={ 'lv_name': lv_name, 'vg_name': vg_name }).set_tags(tags) prepare_filestore( data_lv.lv_path, journal_device, secrets, tags, self.osd_id, osd_fsid, ) elif self.args.bluestore: try: vg_name, lv_name = self.args.data.split('/') block_lv = api.get_single_lv(filters={ 'lv_name': lv_name, 'vg_name': vg_name }) except ValueError: block_lv = None if not block_lv: block_lv = self.prepare_data_device('block', osd_fsid) tags['ceph.block_device'] = block_lv.lv_path tags['ceph.block_uuid'] = block_lv.lv_uuid tags['ceph.cephx_lockbox_secret'] = cephx_lockbox_secret tags['ceph.encrypted'] = encrypted tags['ceph.vdo'] = api.is_vdo(block_lv.lv_path) wal_device, wal_uuid, tags = self.setup_device( 'wal', self.args.block_wal, tags, self.args.block_wal_size, self.args.block_wal_slots) db_device, db_uuid, tags = self.setup_device( 'db', self.args.block_db, tags, self.args.block_db_size, self.args.block_db_slots) tags['ceph.type'] = 'block' block_lv.set_tags(tags) prepare_bluestore( block_lv.lv_path, wal_device, db_device, secrets, tags, self.osd_id, osd_fsid, )
def prepare(self, args): # FIXME we don't allow re-using a keyring, we always generate one for the # OSD, this needs to be fixed. This could either be a file (!) or a string # (!!) or some flags that we would need to compound into a dict so that we # can convert to JSON (!!!) secrets = {'cephx_secret': prepare_utils.create_key()} cephx_lockbox_secret = '' encrypted = 1 if args.dmcrypt else 0 cephx_lockbox_secret = '' if not encrypted else prepare_utils.create_key() if encrypted: secrets['dmcrypt_key'] = encryption_utils.create_dmcrypt_key() secrets['cephx_lockbox_secret'] = cephx_lockbox_secret cluster_fsid = conf.ceph.get('global', 'fsid') osd_fsid = args.osd_fsid or system.generate_uuid() crush_device_class = args.crush_device_class if crush_device_class: secrets['crush_device_class'] = crush_device_class # reuse a given ID if it exists, otherwise create a new ID self.osd_id = prepare_utils.create_id(osd_fsid, json.dumps(secrets), osd_id=args.osd_id) tags = { 'ceph.osd_fsid': osd_fsid, 'ceph.osd_id': self.osd_id, 'ceph.cluster_fsid': cluster_fsid, 'ceph.cluster_name': conf.cluster, 'ceph.crush_device_class': crush_device_class, } if args.filestore: if not args.journal: raise RuntimeError('--journal is required when using --filestore') data_lv = self.get_lv(args.data) if not data_lv: data_lv = self.prepare_device(args.data, 'data', cluster_fsid, osd_fsid) tags['ceph.data_device'] = data_lv.lv_path tags['ceph.data_uuid'] = data_lv.lv_uuid tags['ceph.cephx_lockbox_secret'] = cephx_lockbox_secret tags['ceph.encrypted'] = encrypted journal_device, journal_uuid, tags = self.setup_device('journal', args.journal, tags) tags['ceph.type'] = 'data' data_lv.set_tags(tags) prepare_filestore( data_lv.lv_path, journal_device, secrets, tags, self.osd_id, osd_fsid, ) elif args.bluestore: block_lv = self.get_lv(args.data) if not block_lv: block_lv = self.prepare_device(args.data, 'block', cluster_fsid, osd_fsid) tags['ceph.block_device'] = block_lv.lv_path tags['ceph.block_uuid'] = block_lv.lv_uuid tags['ceph.cephx_lockbox_secret'] = cephx_lockbox_secret tags['ceph.encrypted'] = encrypted wal_device, wal_uuid, tags = self.setup_device('wal', args.block_wal, tags) db_device, db_uuid, tags = self.setup_device('db', args.block_db, tags) tags['ceph.type'] = 'block' block_lv.set_tags(tags) prepare_bluestore( block_lv.lv_path, wal_device, db_device, secrets, tags, self.osd_id, osd_fsid, )
def test_dmcrypt(self): result = encryption.create_dmcrypt_key() assert len(base64.b64decode(result)) == 128
def test_dmcrypt_with_default_size(self, conf_ceph_stub): conf_ceph_stub('[global]\nfsid=asdf-lkjh') result = encryption.create_dmcrypt_key() assert len(result) == 172
def test_dmcrypt_with_default_size(self, conf_ceph_stub): conf_ceph_stub('[global]\nfsid=asdf-lkjh') result = encryption.create_dmcrypt_key() assert len(result) == 172
def prepare(self): # FIXME we don't allow re-using a keyring, we always generate one for the # OSD, this needs to be fixed. This could either be a file (!) or a string # (!!) or some flags that we would need to compound into a dict so that we # can convert to JSON (!!!) secrets = {'cephx_secret': prepare_utils.create_key()} cephx_lockbox_secret = '' encrypted = 1 if self.args.dmcrypt else 0 cephx_lockbox_secret = '' if not encrypted else prepare_utils.create_key() if encrypted: secrets['dmcrypt_key'] = encryption_utils.create_dmcrypt_key() secrets['cephx_lockbox_secret'] = cephx_lockbox_secret cluster_fsid = self.get_cluster_fsid() osd_fsid = self.args.osd_fsid or system.generate_uuid() crush_device_class = self.args.crush_device_class if crush_device_class: secrets['crush_device_class'] = crush_device_class # reuse a given ID if it exists, otherwise create a new ID self.osd_id = prepare_utils.create_id(osd_fsid, json.dumps(secrets), osd_id=self.args.osd_id) tags = { 'ceph.osd_fsid': osd_fsid, 'ceph.osd_id': self.osd_id, 'ceph.cluster_fsid': cluster_fsid, 'ceph.cluster_name': conf.cluster, 'ceph.crush_device_class': crush_device_class, 'ceph.osdspec_affinity': prepare_utils.get_osdspec_affinity() } if self.args.filestore: #TODO: allow auto creation of journal on passed device, only works # when physical device is passed, not LV if not self.args.journal: raise RuntimeError('--journal is required when using --filestore') try: vg_name, lv_name = self.args.data.split('/') data_lv = api.get_first_lv(filters={'lv_name': lv_name, 'vg_name': vg_name}) except ValueError: data_lv = None if not data_lv: data_lv = self.prepare_data_device('data', osd_fsid) tags['ceph.data_device'] = data_lv.lv_path tags['ceph.data_uuid'] = data_lv.lv_uuid tags['ceph.cephx_lockbox_secret'] = cephx_lockbox_secret tags['ceph.encrypted'] = encrypted tags['ceph.vdo'] = api.is_vdo(data_lv.lv_path) journal_device, journal_uuid, tags = self.setup_device( 'journal', self.args.journal, tags, self.args.journal_size) tags['ceph.type'] = 'data' data_lv.set_tags(tags) prepare_filestore( data_lv.lv_path, journal_device, secrets, tags, self.osd_id, osd_fsid, ) elif self.args.bluestore: try: vg_name, lv_name = self.args.data.split('/') block_lv = api.get_first_lv(filters={'lv_name': lv_name, 'vg_name': vg_name}) except ValueError: block_lv = None if not block_lv: block_lv = self.prepare_data_device('block', osd_fsid) tags['ceph.block_device'] = block_lv.lv_path tags['ceph.block_uuid'] = block_lv.lv_uuid tags['ceph.cephx_lockbox_secret'] = cephx_lockbox_secret tags['ceph.encrypted'] = encrypted tags['ceph.vdo'] = api.is_vdo(block_lv.lv_path) wal_device, wal_uuid, tags = self.setup_device( 'wal', self.args.block_wal, tags, self.args.block_wal_size) db_device, db_uuid, tags = self.setup_device( 'db', self.args.block_db, tags, self.args.block_db_size) tags['ceph.type'] = 'block' block_lv.set_tags(tags) prepare_bluestore( block_lv.lv_path, wal_device, db_device, secrets, tags, self.osd_id, osd_fsid, )